NIST SP 800-53 r4 Privacy Control DM-1: Minimization of Personally Identifiable Information, v4

Profile of requirements corresponding to NIST Special Publication 800-53 r4, Privacy Control DM-1: Minimization of Personally Identifiable Information.
Identifier https://artifacts.trustmarkinitiative.org/lib/tips/nist-sp-800-53-r4-privacy-control-dm-1_-minimization-of-personally-identifiable-information/4/
Publication Date 2021-04-26
Issuing Organization
No Responder help@trustmarkinitiative.org 555-555-5555 No Mailing Address
Keywords 800-53, Data Minimization, Minimization, NIST, Personally Identifiable Information, Privacy, Retention
Legal Notice This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.
Loading...

Trust Expression:

TD_ref1 and TD_ref2 and TD_ref3 and TD_ref4 and TD_ref5 and TD_ref6

References (6)

 TD  Privacy - Minimization of Personally Identifiable Information - Identification of Minimum Relevant PII Elements, v1.0
Description Defines conformance and assessment criteria for verifying that an organization identifies the minimum personally identifiable information (PII) elements that are relevant and necessary to accomplish the legally authorized purpose of collection.
ID TD_ref1
Provider Reference
 TD  Privacy - Minimization of Personally Identifiable Information - Regular Reviews of PII Holdings For Compliance With Notice, v1.0
Description Defines conformance and assessment criteria for verifying that an organization establishes and follows a schedule for regularly reviewing PII holdings at least annually to ensure that only PII identified in the notice is collected and retained.
ID TD_ref2
Provider Reference
 TD  Privacy - Minimization of Personally Identifiable Information - Retention of PII Conforms With Notice and Consent, v1.0
Description Defines conformance and assessment criteria for verifying that an organization limits the retention of PII to the minimum elements identified for the purposes described in the notice and for which the individual has provided consent.
ID TD_ref3
Provider Reference
 TD  Privacy - Minimization of Personally Identifiable Information - Collected PII Conforms With Notice and Consent, v1.0
Description Defines conformance and assessment criteria for verifying that an organization limits the collection of PII to the minimum elements identified for the purposes described in the notice and for which the individual has provided consent.
ID TD_ref4
Provider Reference
 TD  Privacy - Minimization of Personally Identifiable Information - Regular Reviews of PII Holdings For Continued Need, v1.0
Description Defines conformance and assessment criteria for verifying that an organization establishes and follows a schedule for regularly reviewing PII holdings at least annually to ensure that the PII continues to be necessary to accomplish the legally authorized purpose.
ID TD_ref5
Provider Reference
 TD  Privacy - Minimization of Personally Identifiable Information - Initial Evaluation of PII Holdings, v1.0
Description Defines conformance and assessment criteria for verifying that an organization conducts an initial evaluation of PII holdings to ensure that only PII identified in the notice is collected and retained.
ID TD_ref6
Provider Reference

Sources (1)

SP800-53R4 NIST Special Publication 800-53 Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations, National Institute of Standards and Technology, April 2013 (Includes updates as of 01-15-2014). Available at http://dx.doi.org/10.6028/NIST.SP.800-53r4.
Also available as XML or JSON